Finn
Blackwell, Reporter
A
cybersecurity group says they’ve identified the person
responsible for hacking into the Manage My Health portal,
and now it wants justice served.
The privacy breach is
one of the biggest in New Zealand’s history, after hackers
gained
access to health data being held by the privately owned
patient records company, Manage My Health.
Those
responsible, a hacker who calls themselves Kazu, demanded
US$60,000 for the stolen data.
Manage My Health has
been granted a High Court injunction preventing anyone from
accessing or sharing the stolen data.
Kazu had
previously published samples of the leaked information
online.
Earlier this month, all posts referring to
Manage My Health had been removed from the page.
The
International Online Crime Coordination Centre (IOC3) has
been tracking Kazu, following the breach.
It targets
online harm, including child exploitation, grooming,
extremism and fraud.
The group has shared its
investigation with RNZ. We have agreed not to name the
person believed to be behind Kazu or details that could
jeopardise a further investigation.
Advertisement – scroll to continue reading
They have also
alerted the authorities.
IOC3 executive director Caden
Scott said they needed to be careful.
“We’re just
mindful that we’re still looking into this individual, and
we don’t want to mistakenly drive this person underground by
making them aware that there are these kinds of
investigations ongoing into them.”
Scott said they
wanted to see the person behind the attack
arrested.
“We definitely want justice,” he
said.
“We want this person to be looked into and this
person to be arrested as a result of their actions. They’ve
definitely committed a plethora of crimes there, and this
isn’t the only attack that they’ve done. They’ve attacked
numerous other institutions from across the entire
globe.”
He said health companies hold extremely
sensitive data.
“When you look at healthcare
institutions, or anything like that, especially ones that
hold a lot of people’s very personal data, often times they
don’t really have that choice in paying the ransom or not
paying the ransom,” Scott said.
“These are very
sensitive topics and very sensitive information, so a lot of
times it’s best to do whatever possible to stop that
information getting out.”
Scott encouraged victims of
ransomware attacks not to pay the hackers.
“Paying
that ransom doesn’t guarantee that the data isn’t going to
be leaked,” he said.
“They might ask you for
half-a-million dollars, you pay that, and then they decide:
‘Well, can also sell this database to everyone as well and
make even more money’.”
It was better to go through
law enforcement, Scott said.
The National Cyber
Security Centre’s chief operating officer Mike Jagusch said
they were aware of information in the public domain
identifying those who’ve claimed responsibility for the
attack on Manage My Health.
He said they were working
with police, Health New Zealand, and other agencies to
reduce the impact of the breach and prevent further
exploitation of the leaked data.
“At the National
Cyber Security Centre, we have a range of tools and
information it uses to help establish the identity of
malicious actors,” he said.
“This process is called
attribution, and it can be very complex. It requires
significant analysis to have the necessary level of
confidence to attribute activity to an actor or
group.”
Jagusch said public attribution of cyber
activity to a group or state is a whole-of-government
process, and was undertaken when it was in the national
interest to do
so.
© Scoop Media
New Zealand’s public broadcaster, providing comprehensive NZ news and current affairs, specialist audio features and documentaries.
Radio New Zealand is a Crown entity established under the Radio New Zealand Act 1995. Radio New Zealand News are vital elements in our programming, providing impartial news and information to New Zealanders every day. Radio New Zealand (RNZ) provides listeners with exciting and independent radio programmes in accordance with the Radio New Zealand Charter.
Discussion about this post